From c1d973ea2683e16c20767a1311684301a4cc1608 Mon Sep 17 00:00:00 2001 From: Abel Stuker Date: Mon, 25 Nov 2024 22:29:38 +0100 Subject: [PATCH] feat: add flagisnowhidden challenge --- flagisnowhidden/Dockerfile | 4 ++ flagisnowhidden/README.md | 7 ++++ flagisnowhidden/SOLUTION.md | 12 ++++++ flagisnowhidden/conf/html/git/COMMIT_EDITMSG | 1 + flagisnowhidden/conf/html/git/FETCH_HEAD | 0 flagisnowhidden/conf/html/git/HEAD | 1 + flagisnowhidden/conf/html/git/config | 7 ++++ .../conf/html/git/hooks/post-commit | 9 +++++ flagisnowhidden/conf/html/git/index | Bin 0 -> 145 bytes flagisnowhidden/conf/html/git/logs/HEAD | 2 + .../conf/html/git/logs/refs/heads/main | 2 + .../07/1c93c131195760e3c933a31a6d56c6bf7b8313 | 2 + .../2d/87e51eefa6f195126294dbaca315f6534c713e | Bin 0 -> 159 bytes .../55/f77c8554ccb3f085cca10c3375044b31b79b64 | Bin 0 -> 55 bytes .../b7/2e4103ebd123ed01b1a0dc4b04ef4af6b05a57 | Bin 0 -> 211 bytes .../c5/7b0b79a86f6436af1fab67c26cc4502bab6e4a | Bin 0 -> 55 bytes .../e1/c12e0166ac4c86fcef61b9efd52e77e58e1eeb | Bin 0 -> 191 bytes flagisnowhidden/conf/html/git/refs/heads/main | 1 + flagisnowhidden/conf/html/index.html | 8 ++++ flagisnowhidden/conf/nginx.conf | 35 ++++++++++++++++++ flagisnowhidden/docker-compose.yaml | 9 +++++ 21 files changed, 100 insertions(+) create mode 100644 flagisnowhidden/Dockerfile create mode 100644 flagisnowhidden/README.md create mode 100644 flagisnowhidden/SOLUTION.md create mode 100644 flagisnowhidden/conf/html/git/COMMIT_EDITMSG create mode 100644 flagisnowhidden/conf/html/git/FETCH_HEAD create mode 100644 flagisnowhidden/conf/html/git/HEAD create mode 100644 flagisnowhidden/conf/html/git/config create mode 100755 flagisnowhidden/conf/html/git/hooks/post-commit create mode 100644 flagisnowhidden/conf/html/git/index create mode 100644 flagisnowhidden/conf/html/git/logs/HEAD create mode 100644 flagisnowhidden/conf/html/git/logs/refs/heads/main create mode 100644 flagisnowhidden/conf/html/git/objects/07/1c93c131195760e3c933a31a6d56c6bf7b8313 create mode 100644 flagisnowhidden/conf/html/git/objects/2d/87e51eefa6f195126294dbaca315f6534c713e create mode 100644 flagisnowhidden/conf/html/git/objects/55/f77c8554ccb3f085cca10c3375044b31b79b64 create mode 100644 flagisnowhidden/conf/html/git/objects/b7/2e4103ebd123ed01b1a0dc4b04ef4af6b05a57 create mode 100644 flagisnowhidden/conf/html/git/objects/c5/7b0b79a86f6436af1fab67c26cc4502bab6e4a create mode 100644 flagisnowhidden/conf/html/git/objects/e1/c12e0166ac4c86fcef61b9efd52e77e58e1eeb create mode 100644 flagisnowhidden/conf/html/git/refs/heads/main create mode 100644 flagisnowhidden/conf/html/index.html create mode 100644 flagisnowhidden/conf/nginx.conf create mode 100644 flagisnowhidden/docker-compose.yaml diff --git a/flagisnowhidden/Dockerfile b/flagisnowhidden/Dockerfile new file mode 100644 index 0000000..5132925 --- /dev/null +++ b/flagisnowhidden/Dockerfile @@ -0,0 +1,4 @@ +FROM nginx + +COPY ./conf/nginx.conf /etc/nginx/nginx.conf +COPY ./conf/html /usr/share/nginx/html diff --git a/flagisnowhidden/README.md b/flagisnowhidden/README.md new file mode 100644 index 0000000..b844e07 --- /dev/null +++ b/flagisnowhidden/README.md @@ -0,0 +1,7 @@ +# flagisnowhidden +## Text +I removed the flag from the website. Good luck finding it back. +## Files +n/a +## How to Deploy +docker compose \ No newline at end of file diff --git a/flagisnowhidden/SOLUTION.md b/flagisnowhidden/SOLUTION.md new file mode 100644 index 0000000..02ceb59 --- /dev/null +++ b/flagisnowhidden/SOLUTION.md @@ -0,0 +1,12 @@ +## Difficulty +?? +## Category +Web +## How To Solve +Observe that the `.git` folder is leaking at `/.git/`. Copy this folder to your local machine using `wget -nH --mirror .git /.git/`. Use `git log` to show the commit history. You can see that one of the commit messages is "hide flag". Using `git show` with the `commit ID` will reveal the flag. +``` +-

IGCTF{n3ever_3xp0se_fl4gs_1n_g1t}

++

REMOVED

+``` +## Flag +`IGCTF{n3ever_3xp0se_fl4gs_1n_g1t}` \ No newline at end of file diff --git a/flagisnowhidden/conf/html/git/COMMIT_EDITMSG b/flagisnowhidden/conf/html/git/COMMIT_EDITMSG new file mode 100644 index 0000000..90da051 --- /dev/null +++ b/flagisnowhidden/conf/html/git/COMMIT_EDITMSG @@ -0,0 +1 @@ +hide flag diff --git a/flagisnowhidden/conf/html/git/FETCH_HEAD b/flagisnowhidden/conf/html/git/FETCH_HEAD new file mode 100644 index 0000000..e69de29 diff --git a/flagisnowhidden/conf/html/git/HEAD b/flagisnowhidden/conf/html/git/HEAD new file mode 100644 index 0000000..b870d82 --- /dev/null +++ b/flagisnowhidden/conf/html/git/HEAD @@ -0,0 +1 @@ +ref: refs/heads/main diff --git a/flagisnowhidden/conf/html/git/config b/flagisnowhidden/conf/html/git/config new file mode 100644 index 0000000..6c9406b --- /dev/null +++ b/flagisnowhidden/conf/html/git/config @@ -0,0 +1,7 @@ +[core] + repositoryformatversion = 0 + filemode = true + bare = false + logallrefupdates = true + ignorecase = true + precomposeunicode = true diff --git a/flagisnowhidden/conf/html/git/hooks/post-commit b/flagisnowhidden/conf/html/git/hooks/post-commit new file mode 100755 index 0000000..fe5c32d --- /dev/null +++ b/flagisnowhidden/conf/html/git/hooks/post-commit @@ -0,0 +1,9 @@ +#!/bin/sh +### git-stats hook (begin) ### +# Copy last commit hash to clipboard on commit +commit_hash=$(git rev-parse HEAD) +repo_url=$(git config --get remote.origin.url) +commit_date=$(git log -1 --format=%cd) +commit_data="\"{ \"date\": \"$commit_date\", \"url\": \"$repo_url\", \"hash\": \"$commit_hash\" }\"" +git-stats --record "${commit_data}" +### git-stats hook (end) ### \ No newline at end of file diff --git a/flagisnowhidden/conf/html/git/index b/flagisnowhidden/conf/html/git/index new file mode 100644 index 0000000000000000000000000000000000000000..3e2ffa32806183a46e1add312d7273bd846d011e GIT binary patch literal 145 zcmZ?q402{*U|<4b#&p%!?<8f8bHivx1_mLvJr(i{42?^G(qDmUM1c6_!-IN^X={Ai z{=84z`TnY2`O`kR*9=^lc`2zCdKo3TIY2dF5EA6-3S>w!7%CWWg?_JT4LP&pk literal 0 HcmV?d00001 diff --git a/flagisnowhidden/conf/html/git/logs/HEAD b/flagisnowhidden/conf/html/git/logs/HEAD new file mode 100644 index 0000000..a3eb1b7 --- /dev/null +++ b/flagisnowhidden/conf/html/git/logs/HEAD @@ -0,0 +1,2 @@ +0000000000000000000000000000000000000000 071c93c131195760e3c933a31a6d56c6bf7b8313 Abel Stuker 1730538294 +0100 commit (initial): expose flag +071c93c131195760e3c933a31a6d56c6bf7b8313 2d87e51eefa6f195126294dbaca315f6534c713e Abel Stuker 1730538489 +0100 commit: hide flag diff --git a/flagisnowhidden/conf/html/git/logs/refs/heads/main b/flagisnowhidden/conf/html/git/logs/refs/heads/main new file mode 100644 index 0000000..a3eb1b7 --- /dev/null +++ b/flagisnowhidden/conf/html/git/logs/refs/heads/main @@ -0,0 +1,2 @@ +0000000000000000000000000000000000000000 071c93c131195760e3c933a31a6d56c6bf7b8313 Abel Stuker 1730538294 +0100 commit (initial): expose flag +071c93c131195760e3c933a31a6d56c6bf7b8313 2d87e51eefa6f195126294dbaca315f6534c713e Abel Stuker 1730538489 +0100 commit: hide flag diff --git a/flagisnowhidden/conf/html/git/objects/07/1c93c131195760e3c933a31a6d56c6bf7b8313 b/flagisnowhidden/conf/html/git/objects/07/1c93c131195760e3c933a31a6d56c6bf7b8313 new file mode 100644 index 0000000..076fa5b --- /dev/null +++ b/flagisnowhidden/conf/html/git/objects/07/1c93c131195760e3c933a31a6d56c6bf7b8313 @@ -0,0 +1,2 @@ +x[ +0E*_ɻ]+I-&)|Krn䄧ޘ!Z0&юLh,0 :6xǛ\PК/HI(Ű㳏Zg;Cʴ/f^;J \ No newline at end of file diff --git a/flagisnowhidden/conf/html/git/objects/2d/87e51eefa6f195126294dbaca315f6534c713e b/flagisnowhidden/conf/html/git/objects/2d/87e51eefa6f195126294dbaca315f6534c713e new file mode 100644 index 0000000000000000000000000000000000000000..26a08364fba2c5445e40276e95a30ba2defb0746 GIT binary patch literal 159 zcmV;Q0AT-k0iBLP3c@fDMP26&SkKfjGlU8fS~<)mx50C`5?U_%c_Bt+9}`&e7?Pi-Fa NkYQZnWWGwHMowzTOaTA@ literal 0 HcmV?d00001 diff --git a/flagisnowhidden/conf/html/git/objects/55/f77c8554ccb3f085cca10c3375044b31b79b64 b/flagisnowhidden/conf/html/git/objects/55/f77c8554ccb3f085cca10c3375044b31b79b64 new file mode 100644 index 0000000000000000000000000000000000000000..6d4a46299ea2a54b6147de069c61d847f5f88143 GIT binary patch literal 55 zcmV-70LcG%0V^p=O;s?qU@$Z=Ff%bx$jnPgt0v(>Rw zuT-@-zd+aH*=X|SrV5Hi!>1>5%5MbO!*+u77AV4er1b3_X-PKI$V#sICG4glMYXF< z&LItqIeVZcJLD%fR(R7gV$ z-uXB{r045;x~E8B6J$fMx>*lpMfW#5Ob>TAkGCItqyt5X@1ad3SJ&$#`Ce+CKSvg( NsvtjKzW@XQOz5UVW)}be literal 0 HcmV?d00001 diff --git a/flagisnowhidden/conf/html/git/objects/c5/7b0b79a86f6436af1fab67c26cc4502bab6e4a b/flagisnowhidden/conf/html/git/objects/c5/7b0b79a86f6436af1fab67c26cc4502bab6e4a new file mode 100644 index 0000000000000000000000000000000000000000..4dec1362ddd1c7bbb0e3bda3ff5686d94ef93b31 GIT binary patch literal 55 zcmV-70LcG%0V^p=O;s?qU@$Z=Ff%bx$jnPgt4NXoJkkJ~h4(PO>5Xi%HgLDZPp}S(bb64z>C2U#t70-m7Mo3X_N<$P< z!cLrkj#aK>Qivtv;(adWl1nL%H5YGUA@s01_SGqjC3`iR8WPx6 +

Welcome to my super awesome website

+ + + +

Here is the flag:

+

REMOVED

+ diff --git a/flagisnowhidden/conf/nginx.conf b/flagisnowhidden/conf/nginx.conf new file mode 100644 index 0000000..2de90cf --- /dev/null +++ b/flagisnowhidden/conf/nginx.conf @@ -0,0 +1,35 @@ + +user nginx; +worker_processes 1; + +pid /var/run/nginx.pid; + + +events { + worker_connections 1024; +} + + +http { + include /etc/nginx/mime.types; + default_type application/octet-stream; + + log_format main '$remote_addr - $remote_user [$time_local] "$request" ' + '$status $body_bytes_sent "$http_referer" ' + '"$http_user_agent" "$http_x_forwarded_for"'; + + access_log /var/log/nginx/access.log main; + + index index.html; + + server { + listen 80; + root /usr/share/nginx/html; + + location /.git/ { + alias /usr/share/nginx/html/git/; + autoindex on; + } + } + +} diff --git a/flagisnowhidden/docker-compose.yaml b/flagisnowhidden/docker-compose.yaml new file mode 100644 index 0000000..4b38466 --- /dev/null +++ b/flagisnowhidden/docker-compose.yaml @@ -0,0 +1,9 @@ +services: + flagisnowhidden: + build: + context: . + volumes: + - ./conf/nginx.conf:/etc/nginx/nginx.conf:ro + - ./conf/html:/usr/share/nginx/html:ro + ports: + - "2000:80"